From fef78a8f6f8b7749ce328f6beeec51fb046dbbca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anders=20=C3=85strand?= <anders.astrand@percona.com>
Date: Thu, 8 Jan 2026 16:24:59 +0100
Subject: [PATCH] Fix broken and dangerous int array function

Instead of using unsafe libc functions (strcat) and cropping the
integers (givin snprintf a buffer too small for any integer) we use
postgres StringInfo as god intended.
---
 pg_stat_monitor.c | 33 +++++++++++++++------------------
 1 file changed, 15 insertions(+), 18 deletions(-)

diff --git a/pg_stat_monitor.c b/pg_stat_monitor.c
index 467b2ff..5ef4e38 100644
--- a/pg_stat_monitor.c
+++ b/pg_stat_monitor.c
@@ -3768,30 +3768,27 @@ comp_location(const void *a, const void *b)
 }
 
 #define MAX_STRING_LEN	1024
-/* Convert array into Text dataum */
+
+/* Convert array of integers into Text datum */
 static Datum
 intarray_get_datum(int32 arr[], int len)
 {
-	int			j;
-	char		str[1024];
-	char		tmp[10];
+	StringInfoData str;
+	Datum		datum;
 
-	str[0] = '\0';
+	if (len < 1)
+		return CStringGetTextDatum("");
 
-	/* Need to calculate the actual size, and avoid unnessary memory usage */
-	for (j = 0; j < len; j++)
-	{
-		if (!str[0])
-		{
-			snprintf(tmp, 10, "%d", arr[j]);
-			strcat(str, tmp);
-			continue;
-		}
-		snprintf(tmp, 10, ",%d", arr[j]);
-		strcat(str, tmp);
-	}
-	return CStringGetTextDatum(str);
+	initStringInfo(&str);
+	appendStringInfo(&str, "%d", arr[0]);
 
+	for (int i = 1; i < len; i++)
+		appendStringInfo(&str, ",%d", arr[i]);
+
+	datum = CStringGetTextDatum(str.data);
+	pfree(str.data);
+
+	return datum;
 }